Personal blog

The problem with Let’s Encrypt (or someone’s)

Let’s Encrypt gives you free DV certificates via easy to use, automated process. Just install their script, or choose one from the gazillion of custom ones, and you’re good to go with a strong encryption to your website and automatic renewals.

One thing that really bothers me when people say that Let’s Encrypt is the solution to everything is that… it isn’t when you cannot use it. If you are not a server person, your website rests at a web hosting company’s shared platform where you do not have any say in Apache/NGINX configs, cannot apt-get, or curl | bash. You most likely don’t even have any clue what those terms mean. So Let’s Encrypt doesn’t solve the problem for shared hosting plans as long as the web hosting companies don’t provide it. Simple as that. It really gets into my nerves when people comment on forums that everyone should be using Let’s Encrypt and that now we’ve got a free solution there is *nothing* that could keep even a single person from turning on the green lock. Like really, most small to mid-sized companies have their web sites running on shared hosting. Not possible to rely solely on the port 443.

That’s it. Let’s Encrypt is a wonderful thing and I really like it but it just so bugs me when uneducated or ignorant people slam it to other peoples’ faces without actually thinking for a moment if it can even be applied here and there.

I hope CPanel and the rest implement it soon enough and more so that the shared hosting providers turn on the knobs for easy enabling.